package com.gamutsoft.amb.common.filter;
import java.util.List;

import javax.servlet.http.HttpServletRequest;

import org.apache.struts2.ServletActionContext;

import com.gamutsoft.amb.common.constants.Constants;
import com.gamutsoft.amb.common.util.ConfigurationUtil;
import com.gamutsoft.amb.user.model.SystemUser;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

/**
 * 验证登录权限
 * @author MengXiangliang
 *
 */
public class LoginInterceptor extends AbstractInterceptor {

	private static final long serialVersionUID = 1L;
	private static List uncheckUrlList = ConfigurationUtil.getList("loginFilter.url");//获取要需要权限的url
	@Override
	public String intercept(ActionInvocation ai) throws Exception {
		ActionContext ctx = ai.getInvocationContext();  //获取上下文
		HttpServletRequest request = (HttpServletRequest)ctx.get(ServletActionContext.HTTP_REQUEST);
		if(uncheckUrlList!= null){
			String url = request.getServletPath();
			if(uncheckUrlList.contains(url)){
				//获取登录用户
				SystemUser loginUser =(SystemUser) request.getSession().getAttribute(Constants.SESSION_USER);
				if(loginUser!=null){
					return ai.invoke();
				}else{
					return "login";
				}
			}else{
				return ai.invoke();
			}
		}else{
			return ai.invoke();
		}
	}

}
